Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/71A2A28CD4069A1E713611A097350760081D2E81DB649EC9853A5B4DD5A04565/0/34352e3138372e3133322e302f32322d3234203d3e20323639383139.roa
File:                     34352e3138372e3133322e302f32322d3234203d3e20323639383139.roa (raw, json)
Hash identifier:          nEldPUio1qmE2UzW/0rPbeu0bUzrN0ofWC8D7A5Q9zM=
Subject key identifier:   A8:81:7F:7A:1E:7B:C5:17:8B:EC:19:13:56:38:86:80:AF:EE:9C:42
Certificate issuer:       /CN=F98B92454B43512A3C761A3C81A5F9B6EADD6F5D
Certificate serial:       6BC67CFF2C146ECD5E1BA6D2AA48FF0DAECDB1D9
Authority key identifier: F9:8B:92:45:4B:43:51:2A:3C:76:1A:3C:81:A5:F9:B6:EA:DD:6F:5D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F98B92454B43512A3C761A3C81A5F9B6EADD6F5D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/71A2A28CD4069A1E713611A097350760081D2E81DB649EC9853A5B4DD5A04565/0/34352e3138372e3133322e302f32322d3234203d3e20323639383139.roa
Signing time:             Tue 05 Mar 2024 17:54:31 +0000
ROA not before:           Tue 05 Mar 2024 17:49:31 +0000
ROA not after:            Tue 04 Mar 2025 17:54:31 +0000
asID:                     269819
IP address blocks:        45.187.132.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/71A2A28CD4069A1E713611A097350760081D2E81DB649EC9853A5B4DD5A04565/0/F98B92454B43512A3C761A3C81A5F9B6EADD6F5D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/71A2A28CD4069A1E713611A097350760081D2E81DB649EC9853A5B4DD5A04565/0/F98B92454B43512A3C761A3C81A5F9B6EADD6F5D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F98B92454B43512A3C761A3C81A5F9B6EADD6F5D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:c6:7c:ff:2c:14:6e:cd:5e:1b:a6:d2:aa:48:ff:0d:ae:cd:b1:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F98B92454B43512A3C761A3C81A5F9B6EADD6F5D
        Validity
            Not Before: Mar  5 17:49:31 2024 GMT
            Not After : Mar  4 17:54:31 2025 GMT
        Subject: CN=A8817F7A1E7BC5178BEC191356388680AFEE9C42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ca:51:a7:ee:a4:61:07:5b:ab:5b:0d:88:91:
                    11:ce:ba:6b:b2:94:0a:35:5f:62:31:73:34:55:1f:
                    70:4c:43:1e:b3:53:fb:d9:dc:30:e5:77:f3:44:ea:
                    68:4a:68:64:1f:7c:47:a3:c4:77:ae:27:c3:a7:4d:
                    42:70:e3:0e:f6:f3:3f:c5:99:06:c2:c0:57:73:84:
                    72:38:b0:6c:48:3c:96:bf:b8:48:38:ab:db:2e:79:
                    8d:14:3e:cf:c4:d6:c6:cb:30:74:e3:1a:71:ed:2d:
                    02:63:47:1b:46:63:7f:4e:12:41:8d:df:6c:92:58:
                    ec:fb:c7:3d:25:4b:63:35:fa:23:77:57:f1:03:e9:
                    61:bc:87:e9:52:b5:d7:27:88:9d:4a:41:41:02:28:
                    bb:22:a7:62:6e:5b:67:e4:a8:11:d6:bd:92:d2:6a:
                    b7:a1:70:d3:36:12:d0:59:5b:23:99:63:dc:bc:2b:
                    3e:aa:f8:0f:0f:20:ca:c5:96:aa:88:b6:f1:d4:96:
                    f8:13:18:86:74:dd:ea:c4:be:fb:1d:2c:9f:f1:0c:
                    6c:c0:e7:f5:f3:b4:d0:e6:0e:f5:8c:20:36:10:b5:
                    a2:8b:7f:9e:1a:97:c5:9f:b1:62:b1:7a:99:9a:54:
                    af:a5:9f:36:ef:05:e0:b2:ba:c6:03:42:60:44:03:
                    b8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:81:7F:7A:1E:7B:C5:17:8B:EC:19:13:56:38:86:80:AF:EE:9C:42
            X509v3 Authority Key Identifier:
                keyid:F9:8B:92:45:4B:43:51:2A:3C:76:1A:3C:81:A5:F9:B6:EA:DD:6F:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/71A2A28CD4069A1E713611A097350760081D2E81DB649EC9853A5B4DD5A04565/0/F98B92454B43512A3C761A3C81A5F9B6EADD6F5D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F98B92454B43512A3C761A3C81A5F9B6EADD6F5D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/71A2A28CD4069A1E713611A097350760081D2E81DB649EC9853A5B4DD5A04565/0/34352e3138372e3133322e302f32322d3234203d3e20323639383139.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.187.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         80:97:84:54:16:91:dc:0e:36:28:15:05:a5:55:f5:a0:31:13:
         6d:e6:9a:d1:d6:c4:ae:36:05:1a:04:43:2c:c2:eb:3c:7b:9b:
         ba:66:2c:0d:d1:df:b0:51:90:9f:1d:06:ed:62:79:7f:f1:8e:
         94:73:cd:87:c3:7c:e7:42:b2:3f:d0:db:51:4e:09:9f:9e:dd:
         03:90:c0:b9:80:92:77:ec:e8:e9:d1:dc:f5:26:b1:6d:9c:ff:
         80:e8:91:3c:c1:cf:f6:7d:21:1c:6d:eb:d7:c9:89:b9:4d:00:
         25:77:e2:d2:be:84:92:f5:72:0f:01:6f:03:c3:14:42:01:e7:
         ef:20:57:02:34:1f:ac:59:5a:b0:5f:24:95:44:c5:62:51:81:
         de:74:02:17:4b:c4:3f:d7:53:b0:66:ef:b5:0a:ec:a5:4c:a5:
         1d:7f:3b:7d:a6:00:1b:a1:8b:fe:f1:aa:c5:83:5c:71:3f:14:
         3a:f6:8c:7c:9a:e6:49:82:eb:58:72:7a:95:a7:e7:8b:73:85:
         e0:05:dd:cf:f9:04:b6:3b:08:d7:97:eb:29:03:8a:ad:54:b5:
         86:50:8e:8c:41:73:26:2b:99:48:75:9d:83:bf:af:c8:17:5f:
         23:6e:32:77:2b:f7:fd:7e:9d:8c:1e:51:d0:2d:2a:5e:42:c2:
         74:43:df:26
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUa8Z8/ywUbs1eG6bSqkj/Da7NsdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjk4QjkyNDU0QjQzNTEyQTNDNzYxQTNDODFBNUY5QjZF
QURENkY1RDAeFw0yNDAzMDUxNzQ5MzFaFw0yNTAzMDQxNzU0MzFaMDMxMTAvBgNV
BAMTKEE4ODE3RjdBMUU3QkM1MTc4QkVDMTkxMzU2Mzg4NjgwQUZFRTlDNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPylGn7qRhB1urWw2IkRHOumuy
lAo1X2IxczRVH3BMQx6zU/vZ3DDld/NE6mhKaGQffEejxHeuJ8OnTUJw4w728z/F
mQbCwFdzhHI4sGxIPJa/uEg4q9sueY0UPs/E1sbLMHTjGnHtLQJjRxtGY39OEkGN
32ySWOz7xz0lS2M1+iN3V/ED6WG8h+lStdcniJ1KQUECKLsip2JuW2fkqBHWvZLS
arehcNM2EtBZWyOZY9y8Kz6q+A8PIMrFlqqItvHUlvgTGIZ03erEvvsdLJ/xDGzA
5/XztNDmDvWMIDYQtaKLf54al8WfsWKxepmaVK+lnzbvBeCyusYDQmBEA7idAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUqIF/eh57xReL7BkTVjiGgK/unEIwHwYDVR0j
BBgwFoAU+YuSRUtDUSo8dho8gaX5turdb10wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83MUEyQTI4Q0Q0MDY5QTFFNzEzNjExQTA5NzM1MDc2MDA4
MUQyRTgxREI2NDlFQzk4NTNBNUI0REQ1QTA0NTY1LzAvRjk4QjkyNDU0QjQzNTEy
QTNDNzYxQTNDODFBNUY5QjZFQURENkY1RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GOThCOTI0NTRCNDM1MTJBM0M3
NjFBM0M4MUE1RjlCNkVBREQ2RjVELmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzFBMkEyOENENDA2OUExRTcxMzYxMUEwOTczNTA3NjAwODFEMkU4MURC
NjQ5RUM5ODUzQTVCNERENUEwNDU2NS8wLzM0MzUyZTMxMzgzNzJlMzEzMzMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM5MzgzMTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLbuE
MA0GCSqGSIb3DQEBCwUAA4IBAQCAl4RUFpHcDjYoFQWlVfWgMRNt5prR1sSuNgUa
BEMswus8e5u6ZiwN0d+wUZCfHQbtYnl/8Y6Uc82Hw3znQrI/0NtRTgmfnt0DkMC5
gJJ37Ojp0dz1JrFtnP+A6JE8wc/2fSEcbevXyYm5TQAld+LSvoSS9XIPAW8DwxRC
AefvIFcCNB+sWVqwXySVRMViUYHedAIXS8Q/11OwZu+1CuylTKUdfzt9pgAboYv+
8arFg1xxPxQ69ox8muZJgutYcnqVp+eLc4XgBd3P+QS2OwjXl+spA4qtVLWGUI6M
QXMmK5lIdZ2Dv6/IF18jbjJ3K/f9fp2MHlHQLSpeQsJ0Q98m
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:07:54 2024 by rpki-client on console-ams.rpki-client.org